Information
privacy is the relationship between technology, collection and sharing of data,
the public expectation of privacy, and the legal and related issues surrounding
them. Privacy concerns exist when there is sensitive information or personally
identifiable information that might be of interest to other parties.
Maintenance of information privacy is a risk management issue for any
organization. Currently, numerous organizations have faced cyber attacks and
consequent data breaches in the recent past. Data breach undoubtedly qualifies
as study topic as its consequences are severe. Data breach incidents pose a
major challenge to organizations and individuals information privacy.
The ability to
safeguard data is important particularly now that business systems and
processes become more and more complex, and personal information increasingly
continues to be collected. On the other hand, Laws and regulations continue to
place requirements for the protection of personal information. Data breach
incidents have more impact than government fines, publicized lawsuits, and
labor or union disputes. Breaches also have an impact on customers. Customers
fear about identity theft that is worsened by the loss of personal information
in the case of data breaches. Thus, organizations find it necessary to
implement measures to prevent data breaches.
When a breach happens, the implications reach right to the top. Therefore, the operational, communication and
legal responses to data breaches should be matched with careful planning for
effective mitigation against reputational damage.
Computer
dependency, and personal social frustration, a false sense of entitlement, lack
of empathy, reduced loyalty, and ethical flexibility increases the security
risk to the disadvantage of the organization. Human actions may result from
growing unaddressed discontentment with the organization, poor management, poor
work plans and low motivation. Organizations need to understand that most
phishing and social engineering events are commonly not intentional or
malicious. Users may be the largest weakest security link. Training users on
the importance of encrypting data and the dangers of phishing attacks are one
of the best defenses organizations can put up against security threats and
risks. Active training can allow users to learn at their own pace, reinforces
desired behavior and do away with behavior that puts the organization at risk.
Training users is a more effective approach as it allows users to move from
being part of the problem to being part of the solution. One way of promoting
information privacy is through data encryption.
Encryption is a modern form of cryptography that enables users to hide
information from others. Encryption makes use of a complex algorithm called a
cipher in order to turn plaintext into a series of seemingly random characters
that are unreadable by those without a special key in which to decrypt it. Only those with the key can decrypt the data
to view it as plaintext. Modern encryption technology utilizes more
sophisticated algorithms and larger key sizes in order to better conceal
encrypted data.
The security
risks further increase with the extraordinary utilization of internet services
due to the advent of cloud computing and to support internal business processes.
Technologies such encryption are commonly implemented to reduce the risk of
cyber attacks. While such technologies are widely available to help
organizations mitigate the risk of intentional and unintentional threats, their
effectiveness is limited if security threats and risks fail to focus on user
intrinsic components of the organization’s ICT system
Sherry Roberts is the author of this paper. A senior editor at MeldaResearch.Com in write my research paper cheap if you need a similar paper you can place your order for buy custom essay papers online.
No comments:
Post a Comment